<?php
(!defined('IN_SYSTEM') || !defined('ADMIN_PRE')) && exit('Access Denied!');
$f = isset($_REQUEST['f'])?$_REQUEST['f']:'index';
if(!in_array($f,array('index','edit','add','save_add','save_edit','promote','delete','ajax_check_username','ajax_check_user'))){
	exit('Access Denied!');
}
if(isset($_G['usergroup']['access']["user$f"]) && !ican("user$f")){
	msg('没有权限');
}
$m = new UserModule;
$m->$f();
class UserModule
{
	function index() {
		global $_G;
		$page = max(1, getGP('page','G','int'));
		$pagesize = 20;
		$offset = ($page - 1) * $pagesize;
		$url = 'admin.php?m=user';
		$wheresql = '';
	
		if ($keyword = getGP('keyword','G')) {
			$wheresql .= " AND a.username LIKE '%$keyword%'";
			$url .= '&keyword='.rawurlencode($keyword);
		}
		if ($groupid = getGP('groupid','G','int')) {
			$wheresql .= " AND a.groupid = '$groupid'";
			$url .= '&groupid='.$groupid;		
		}
	
		$num = $_G['db']->result("SELECT COUNT(*) AS num FROM ".DB_PREFIX."users a WHERE 1 $wheresql");
		$sql = "SELECT a.uid,a.username,a.email,a.groupid,a.status,a.regtime,a.lastlogin,a.logincount,b.groupname FROM ".DB_PREFIX."users a LEFT JOIN ".DB_PREFIX."usergroups b ON a.groupid = b.gid WHERE 1 $wheresql LIMIT $offset, $pagesize";
		$query = $_G['db']->query($sql);
		$result = array();
		while ($row = $_G['db']->fetch_array($query)) {
			$row['artcount'] = $_G['db']->result("SELECT COUNT(*) AS num FROM ".DB_PREFIX."article WHERE uid = '$row[uid]'");
			$result[] = $row;
		}
		include admintemplate('user');
	}
	function add(){
		global $_G;
		include admintemplate('user_add');
	}
	function save_add(){
		global $_G;
		if(!IS_POST) {
			msg('access deny', 'admin.php?m=user');
		}
		if(!ican("useradd")){
			msg('没有权限');
		}
		$authkey = random(5);
		$data = array(
			'username' => check_str(getGP('username','P')),
			'groupid' => check_str(getGP('groupid','P','int')),
			'password' => password(getGP('password','P'),$authkey),
			'email' => check_str(getGP('email','P')),
			'signature' => check_str(getGP('signature','P')),
			'qq' => check_str(getGP('qq','P')),
			'regtime' => TIMESTAMP,
			'authkey' => $authkey,
			'status' => '1'
		);
	
		$_G['db']->insert('users',$data);
		msg('成功添加一个新用户', 'admin.php?m=user');
	}
	function edit(){
		global $_G;
		$uid = getGP('id','G','int');
		if(!ISADMIN && is_admin($uid)){
			msg('你没有编辑此用户的权限');
		}
		$result = $_G['db']->fetch_one_array("SELECT * FROM ".DB_PREFIX."users WHERE uid = '$uid'");
		if ( empty($result) ) {
			msg('用户不存在！');
		}
		include admintemplate('user_edit');
	}
	function save_edit(){
		if(!ican("useredit")){
			msg('没有权限');
		}
		global $_G;
		if(!IS_POST) {
			msg('access deny');
		}
		$uid = getGP('uid','P','int');
		$groupid = getGP('groupid','P','int');
		$email = getGP('email');
		$signature = getGP('signature');
		$qq = getGP('qq');
		$password = getGP('password');
		
		$data = $comment = array();
		if(ican("userpromote")){
			$data['groupid'] = intval($groupid);
		}
		
		if ( is_email($email) ) {
			$data['email'] = $comment['email'] = $email;
		}
		$data['signature'] = check_str($signature);
		$data['qq'] = check_str($qq);
		if (!empty($password)) {
			$data['authkey'] = random(5);
	    	$data['password'] = password(trim($password),$data['authkey']);
		}
	
		$_G['db']->update('users',$data,array('uid'=>$uid));
		if(!empty($comment)){
			//$_G['db']->update('comment', $comment, array('uid' => $uid));
		}
		msg('用户资料修改成功');
	}
	function promote(){
		global $_G;
		$idarr = getGP('id','P','array');
		$groupid = getGP('groupid','P','int');
		if ($groupid && count($idarr)) {
			foreach ($idarr as $uid) {
				$_G['db']->query("UPDATE ".DB_PREFIX."users SET groupid = '$groupid' WHERE uid = '$uid'");
			}
		}
		msg('成功更改选中用户的用户组');
	}
	function delete(){
		global $_G;
		$idarr = getGP('id','P','array');
		if (count($idarr)) {
			foreach ($idarr as $id) {
				$id = intval($id);
				if ( is_admin($id) ) continue;
				$_G['db']->query("DELETE FROM ".DB_PREFIX."users WHERE uid = '$id'");
				if ( $_G['db']->affected_rows() > 0 ) {
					$query = $_G['db']->query("SELECT aid FROM ".DB_PREFIX."article WHERE uid = '$id'");
					while ($row = $_G['db']->fetch_array($query)) {
						delete_article($row['aid']);
					}
					$query = $_G['db']->query("SELECT filepath FROM ".DB_PREFIX."files WHERE uid = '$id'");
					while ($row = $_G['db']->fetch_array($query)) {
						@unlink(BASE_ROOT.$row['filepath']);
					}
					$_G['db']->query("DELETE FROM ".DB_PREFIX."files WHERE uid = '$id'");
				}
			}
		}
		msg('成功删除选中的用户');
	}
	function ajax_check_username(){
		global $_G;
		$username = check_str(getGP('username'));
		if ($_G['db']->fetch_one_array("SELECT id FROM ".DB_PREFIX."users WHERE username = '$username'")) {
			exit('error');
		} else {
			exit('success');
		}
	}
	function ajax_check_user(){
		global $_G;
		$id = getGP('uid','G','int');
		$output = array();
		if ($id) {
			if ($result = $_G['db']->fetch_one_array("SELECT uid,status FROM ".DB_PREFIX."users WHERE uid = '$id'")) {
				if ( is_admin($result['uid']) ) {
					$output['type'] = 'error';
					$output['data'] = '该用户是网站创始人，不允许修改。';
				} else {
					$output['type'] = 'success';
					if ($result['status']) {
						$_G['db']->query("UPDATE ".DB_PREFIX."users SET status = 0 WHERE uid = '$id'");
						$output['data'] = 'nocheck';
					} else {
						$_G['db']->query("UPDATE ".DB_PREFIX."users SET status = 1 WHERE uid = '$id'");
						$output['data'] = 'check';
					}
				}
			} else {
				$output['type'] = 'error';
				$output['data'] = '用户不存在。';
			}
		} else {
			$output['type'] = 'error';
			$output['data'] = '缺少参数。';
		}
		exit(json_encode($output));
	}
}